Mozilla specialists presented the WASI (WebAssembly System Interface) project, which involves the development of an API for creating ordinary applications that run outside the browser. At the same time, we are initially talking about cross-platform and a high level of security for such applications.
As noted, they run in a special "sandbox" and have access to files, the file system, network sockets, timers, and so on. In this case, the program can only perform actions that are known to be allowed.
Given that WebAssembly pseudocode is a platform-independent variant of the Assembler language, using JIT will allow you to achieve high code performance, at the level of native applications. At the moment, an implementation of the basic POSIX APIs (files, sockets, etc.) is provided, but it does not yet support locks and asynchronous I / O. In the future, modules for cryptography, work with 3D graphics, sensors and multimedia are expected.
It should also be noted that the Fastly project introduced the Lucet compiler for WebAssembly applications. It allows you to safely execute third-party WebAssembly programs inside other applications, for example, this is suitable for plugins. The compiler itself is written in Rust, while it supports C, Rust, and TypeScript code.
Of course, there are still many questions about the security of this approach. Executing code in a sandbox is oddly combined with access to the functions of the main system, so this issue still needs to be clarified. In addition, it is not clear which programs should work in this mode and how their behavior will need to be monitored.
Source: 3dnews.ru